Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    CRITICAL
    CVE-2017-14464

    An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in... Read more

    • EPSS Score: %36.95
    • Published: Apr. 05, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2017-14463

    An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in... Read more

    • EPSS Score: %36.93
    • Published: Apr. 05, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2017-14462

    An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in... Read more

    • EPSS Score: %36.58
    • Published: Apr. 05, 2018
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2017-14461

    A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order to trigger this vulnerability, an attacker needs to sen... Read more

    Affected Products : debian_linux dovecot ubuntu
    • EPSS Score: %1.03
    • Published: Mar. 02, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-14460

    An exploitable overly permissive cross-domain (CORS) whitelist vulnerability exists in JSON-RPC of Parity Ethereum client version 1.7.8. An automatically sent JSON object to JSON-RPC endpoint can trigger this vulnerability. A victim needs to visit a malic... Read more

    Affected Products : ethereum_client
    • EPSS Score: %0.49
    • Published: Jan. 19, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2017-14459

    An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client in firmware versions 1.4 to 1.7 (current). An attacker can inject comman... Read more

    Affected Products : awk-3131a_firmware awk-3131a
    • EPSS Score: %20.60
    • Published: Apr. 11, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-14458

    An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 8.3.2.25013. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary cod... Read more

    Affected Products : foxit_reader pdf_reader
    • EPSS Score: %0.62
    • Published: Apr. 23, 2018
    • Modified: Nov. 21, 2024

  • 8.2

    HIGH
    CVE-2017-14457

    An exploitable information leak/denial of service vulnerability exists in the libevm (Ethereum Virtual Machine) `create2` opcode handler of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read leading to memory disclosure ... Read more

    Affected Products : ethereum_virtual_machine
    • EPSS Score: %0.29
    • Published: Jan. 19, 2018
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2017-14455

    On Insteon Hub 2245-222 devices with firmware version 1012, specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. An attacker should impersonate PubNub and answer an HTTPS GET... Read more

    Affected Products : hub_2245-222_firmware hub_2245-222
    • EPSS Score: %0.40
    • Published: Aug. 23, 2018
    • Modified: Nov. 21, 2024

  • 8.5

    HIGH
    CVE-2017-14454

    Multiple exploitable buffer overflow vulnerabilities exists in the PubNub message handler for the "control" channel of Insteon Hub running firmware version 1012. Specially crafted replies received from the PubNub service can cause buffer overflows on a gl... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %0.09
    • Published: Jan. 12, 2023
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2017-14453

    On Insteon Hub 2245-222 devices with firmware version 1012, specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. An attacker should impersonate PubNub and answer an HTTPS GET... Read more

    Affected Products : hub_2245-222_firmware hub_2245-222
    • EPSS Score: %0.40
    • Published: Aug. 23, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-14452

    An exploitable buffer overflow vulnerability exists in the PubNub message handler for the "control" channel of Insteon Hub running firmware version 1012. Specially crafted replies received from the PubNub service can cause buffer overflows on a global sec... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %0.38
    • Published: Aug. 23, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2017-14451

    An exploitable out-of-bounds read vulnerability exists in libevm (Ethereum Virtual Machine) of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read which can subsequently trigger an out-of-bounds write resulting in remote ... Read more

    Affected Products : ethereum
    • EPSS Score: %2.65
    • Published: Dec. 02, 2020
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2017-14450

    A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global section. An attacker can display an image to trigger this vulnerability.... Read more

    Affected Products : debian_linux sdl_image
    • EPSS Score: %0.77
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-14449

    A double-Free vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a Double-Free situation to occur. An attacker can display a specially crafted image to trigger this vulnerability.... Read more

    Affected Products : debian_linux sdl_image
    • EPSS Score: %0.67
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-14448

    An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trig... Read more

    Affected Products : debian_linux sdl_image
    • EPSS Score: %1.63
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 8.5

    HIGH
    CVE-2017-14447

    An exploitable buffer overflow vulnerability exists in the PubNub message handler for the 'ad' channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwri... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %0.58
    • Published: Aug. 06, 2018
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2017-14446

    An exploitable stack-based buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation unsafely extracts parameters from the query string, leading to a buffer overflow on the stack. An attacker can sen... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %0.40
    • Published: Aug. 02, 2018
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2017-14445

    An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the host parameter during a firmware update request, leading to a buffer overflow on a global section. An ... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %0.40
    • Published: Aug. 02, 2018
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2017-14444

    An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the URL parameter during a firmware update request, leading to a buffer overflow on a global section. An a... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %0.40
    • Published: Aug. 02, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 292386 Results